<?php
// People form.

session_start();

if (!$_SESSION['usr_id']) {
	header("Location: login.php");
}

require_once('config.php');
require_once('functions.php');
require_once('db.php');

require($smarty_source);
$smarty = new Smarty();
$smarty->template_dir = $smarty_tpl;
$smarty->compile_dir = $smarty_compile_dir;
$smarty->config_dir = $smarty_config_dir;
$smarty->cache_dir = $smarty_cache_dir;
$smarty->debugging = $smarty_dbg;

$smarty->assign('larch_name', $larch_name);
$smarty->assign('larch_name_subtitle', $larch_name_subtitle);
$smarty->assign('session_username',$_SESSION['usr_username']);

// An array of all the form variables.
$formvars = array('id' => '',
		  'time_created' => '',
		  'time_modified' => '',
		  'surname' => '',
		  'givenname' => '',
		  'email' => '',
		  'voicephone' => '',
		  'faxphone' => '',
		  'address1' => '',
		  'address2' => '',
		  'city' => '',
		  'state' => '',
		  'postcode' => '');

// Search for a person record in the database.
function find_person($vars) {
	// We're depending on the fact that the form variables are the same
	// as the table columns but the latter have a "ppl_" prefix.
	$query_vars = array();
	foreach ($vars as $k => $v) {
		$query_vars["ppl_" . $k] = $v;
	}

	// Build a query from the form variables, ignoring empty strings.
	$query = mysql_build_eq_query("people", $query_vars, true);

	$result = mysql_query($query, $db_conn);

	if ($result == false) {
		return false;
	} elseif (mysql_num_rows($result) == 0) {
		return false;
	} else {
		// Return an array of matching records.
		$rows = array();
		while ($row = mysql_fetch_assoc($result)) {
			$row = remove_prefixes($row, "ppl_");
			$rows[] = $row;
		}
		return $rows;
	}
}

// Connect to the database.
$db_conn = mysql_connect_localhost_readonly($larch_db_name);

// If the user is an administrator, then enable editing.
// FIXME: Also enable editing if the user account points to the current person
// record. Do this in the POST stuff.
if (get_user_type($_SESSION['usr_id'], $db_conn) == 'administrator') {
	$smarty->assign('edit_allowed', true);
}

// Top level.
if ($_POST) {
	// If this is a POST then determine if we're searching or adding a new
	// person to the database.
	switch ($_POST['submit']) {
		case 'Search':
			// Copy the non-null form variables.
			$searchvars = array();
			foreach ($formvars as $k => $v) {
				if ($_POST[$v] != '') {
					$searchvars[$v] = $_POST[$v];
				}
			}
			// Run a query with them.
			$people = find_person($searchvars);
			if ($people == false) {
				// FIXME: Nothing found.
			}
			switch(count($people)) {
				// FIXME: Can't happen.
				case 0:
				break;
				// One record found, display it.
				case 1:
					foreach ($row as $k => $v) {
						$smarty->assign($k, $v);
					}
				break;
				// More than one record found. Present a list
				// of matches.
				default:
				break;
			}
			$smarty->assign($formvars);
		break;
		case 'Apply changes':
		break;
		case 'New Person':
		break;
	}
} elseif ($_GET) {
	// GET means this is an empty form.
	// FIXME: Is there any way to GET and not be from an empty form?
	$smarty->assign('empty_form', true);

	// We need countries and institutions for pulldown lists.
	$countries = get_countries($db_conn);
	$smarty->assign('country_pulldown', $countries);
	$institutions = get_institutions($db_conn);
	$smarty->assign('institution_pulldown', $institutions);

	// An array of form variables, all null.
	$smarty->assign($formvars);
}

mysql_close();

$smarty->display('people.tpl');
?>
